Jakka .NET

I am Suresh Jakka, software architect at GeoCue Corp, Madison, Alabama. I have been reading serveral tech blogs and learning a lot. It is about time for me to start a blog on .NET in general so that others can learn from my experiences. Here I will be blogging about obstacles that I encounter in my day-to-day programming world and about the solutions I found.

Sunday, March 28, 2010

Using ClearUsernameBinding in Silverlight

As I told in my previous blog, I am going to explain how to use ClearUsernameBinding in Silverlight. If you just try to set the Username credentials, Silverlight framework complains about not having a secure layer. By default, it expects a secure channel for transferring the Username credentials to the server. So, we have to set the username and password token into the messages that goes from web browser to web server outside the framework of Silverlight.

All these steps have to be performed in Silverlight project.

Step1:

Define the following contstants
internal class Oasis
{
         public const string WsseNamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-                                wss-wssecurity-secext-1.0.xsd";
         public const string WsseUtilityNamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-                                wss-wssecurity-utility-1.0.xsd";
         public const string WsseUserNameTokenNamespace = "http://docs.oasis-   open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";
         public const string WsseNamespacePrefix = "o";
        public const string WsseUtilityNamespacePrefix = "u";
}

Step2:
Create a UserNameSecurityTokenHeader that inherits from MessageHeader and override the following methods as shown below.

public class UserNameSecurityTokenHeader : MessageHeader
{

            protected override void OnWriteHeaderContents(System.Xml.XmlDictionaryWriter writer, MessageVersion messageVersion)
{
        writer.WriteStartElement(Constants.Oasis.WsseNamespacePrefix,
                                               Constants.UserNameToken.UserNameTokenElementName,
                                               Constants.Oasis.WsseNamespace);

        writer.WriteAttributeString(Constants.Oasis.WsseUtilityNamespacePrefix,
                                                 Constants.UserNameToken.IdAttributeName,
                                                 Constants.Oasis.WsseUtilityNamespace,
                                                 Guid.NewGuid().ToString());

        writer.WriteElementString(Constants.Oasis.WsseNamespacePrefix,
                                                Constants.UserNameToken.UserNameElementName,
                                                Constants.Oasis.WsseNamespace,
                                                this.UserName);


               /***Write Password***/

         writer.WriteStartElement(Constants.Oasis.WsseNamespacePrefix,
                                                Constants.UserNameToken.PasswordElementName,
                                                Constants.Oasis.WsseNamespace);

         writer.WriteAttributeString(Constants.Oasis.WsseNamespacePrefix,
                                                  Constants.UserNameToken.TypeAttributeName,
                                                  null,
                                                 Constants.Oasis.WsseUserNameTokenNamespace);

        writer.WriteString(this.Password);
        writer.WriteEndElement();

        /***End-Write Password***/
        writer.WriteEndElement();
}

public override string Name
{
     get { return NameValue; }
}

public override string Namespace
{
       get { return Constants.Oasis.WsseNamespace; }
}
 
Step3:
Create your custom message inspector class that implements IClientMessageInspector and override "BeforeSendRequest" method
 
public class MySilverlightMessageInspector : IClientMessageInspector
{
             public object BeforeSendRequest(ref Message request, IClientChannel channel)
            {
                      MessageHeader msgHeader = UserNameSecurityTokenHeader.FromUserNamePassword  (username, password );

                 request.Headers.Add(msgHeader);
                 return null;
           }
}
 
Step4:
Now add the above custom message inpsector to your binding.
 
That's it. Have fun coding!!!!

0 Comments:

Post a Comment

<< Home